<?php
namespace app\admin\controller;
use think\Request;
use think\Validate;
use think\Cache;
use app\common\lib\Htmlp;
use app\common\controller\Base;

class ApiAdmin extends Base
{
    public function token()
    {
        $token = $this->request->token('__token__', 'sha1');
        return jsonSuccess('',$token);
    }
    
    public function login()
    {
        $token = input('post.__token__');
        $data = [
            '__token__' => $token,
        ];
        $validate = new Validate([ 
            '__token__' =>'require|token',
        ]);
        if (!$validate->check($data)) {
            return jsonError($validate->getError());
        }
        
        $header = Request::instance()->header();
        $captcha = input('post.captcha');
        if (config('settingInfo')['loginCaptcha']) {
            if(!captcha_check($captcha)) {
                return jsonError('验证码错误');
            }
        }
        
        $data = $this->request->post();
        if (!isset($data['username']) || !$data['username']) {
            return jsonError('请输入用户名');
        }
        if (!isset($data['password']) || !$data['password']) {
            return jsonError('请输入密码');
        }
        
        if (preg_match("/^1[34578]{1}\d{9}$/",$data['username'])) {
            $userInfo = db('BaseAdmin')->where('mobile',$data['username'])->find();
            if (!$userInfo) {
                $userInfo = db('BaseAdmin')->where('username',$data['username'])->find();
            }
        } else {
            $userInfo = db('BaseAdmin')->where('username',$data['username'])->find();
        }
        $ip = Request::instance()->ip();
        if ($userInfo) {
            $num = cache('user_error_num_' . $ip . '_' . $userInfo['uid']);
            $time = cache('user_error_time_' . $ip . '_' .$userInfo['uid']);
            if ($num > 30) {
                if ($time > time() - 1800) {
                    model('app\common\model\Log')->itemAdd('登录次数过多，登录IP：' . Request::instance()->ip(),$userInfo['uid'],'adminLogin');
                    return jsonError('登录次数过多，请稍后再试');
                }
            }
        } else {
            return jsonError('账号不存在');
        }
        if($userInfo['status'] == 1) {
            return jsonError('你的账号被禁止登录');
        }
        if ($userInfo['password'] == create_md5($data['password'],$userInfo['salt'])) {
            db('BaseAdmin')->where('uid',$userInfo['uid'])->update(array(
                'last_login_time' => time(),
                'last_login_ip' => Request::instance()->ip(),
                'login_num' => $userInfo['login_num'] + 1,
            ));
            $userInfo['password'] = null;
            $userInfo['salt'] = null;
            $token = unid();
            db('BaseAdminToken')->insert(array('uid' => $userInfo['uid'],'add_time' => time(),'token' => $token));
            cookie('adminToken',$token,360000);
            model('app\common\model\Log')->itemAdd('登录成功，登录IP：' . Request::instance()->ip(),$userInfo['uid'],'adminLogin');
            return jsonSuccess('登录成功',$userInfo);
        } else {
            $num = cache('user_error_num_' . $userInfo['uid']);
            if (!$num) {
                $num = 0;
            }
            $num = $num + 1;
            cache('user_error_num_' . $ip . '_' . $userInfo['uid'],$num);
            cache('user_error_time_' . $ip . '_' . $userInfo['uid'],time());
            return jsonError('账号或密码不正确');
        }

    }
    
    public function loginOut()
    {
        $adminToken = cookie('adminToken');
        db('BaseAdminToken')->where('token',$adminToken)->delete();
        model('app\common\model\Log')->itemAdd('退出成功，退出IP：' . Request::instance()->ip(),config('adminId'),'adminLogin');
        cookie('adminToken', null);
        return jsonSuccess('退出成功');
    }
   
}